It’s Day 4 of the Scripps Health cyberattack, which forced the healthcare system offline.
On Tuesday, NBC 7 asked a spokesman from Scripps about the impact to patients and their personal information, but he declined to comment. On Monday, though, the healthcare provider said the cyberattack had prompted some patients to reschedule appointments and would be contacting them to do so. At the time, it was not clear how providers would be making contact with patients.
Poway patient Chris Sheridan told NBC 7 on Tuesday that he -- like many others -- learned they still had appointments by using Scripps Facebook account.
Sheridan is recovering at home after a two-hour shoulder surgery Monday at Scripps Carmel Valley. He went in with some concerns but said he got the same level of care he expected before the cyberattack.
“I was worried going in that something was going to be different,” Sheridan said. “I was very happy to have my shoulder surgery go on as planned.”
Sheridan contacted his health-care providers via Facebook's Instant Messenger app.
"They got back to me saying to keep my scheduled time unless I was otherwise told,” Sheridan said.
Another person asked if patients and staff should be concerned and take protection measures for possible identity fraud.
“We are still in the process of assessing the extent of this attack," Scripps wrote back. "If any patients’ information was compromised, we will be reaching out to them.”
One patient had a procedure Tuesday and wanted to know if the appointment was cancelled. Scripps asked the patient to direct message them with their name, date of birth, procedure location and doctor’s name so someone could contact the patient directly.
Sheridan said check-in was a little slow on Monday.
“I noticed they were using old school paperwork instead of using the computer for the normal information,” Sheridan said. “The nurse that was tending to me said it had been about 10 years since she had done paperwork like that and joked that she actually liked doing it the old school way.”
Sheridan said he didn’t notice a difference in care because of the cyberattack, but he’s still concerned about how much access hackers may have gained.
“I really hope they catch the people that did this because it’s not funny,” Sheridan said. “They could have potentially hurt somebody by not getting a surgery or some kind of procedure that needed to go on — if they had done so in cancelling it, it could have hurt somebody.”
The Scripps Cyberattack
Scripps Health officials said on Sunday that their technology servers were hacked over the weekend, forcing the health care system to switch to offline chart systems and causing a disruption to their patient portals.
Officials did not provide information on how the cyberattack occurred, nor did they share what systems were affected by the breach. A spokesman for Scripps declined to comment Monday when asked whether the incident was a case of ransomware, in which malicious code is introduced to a computer system, rendering it inoperable until a ransom is paid.
On Monday afternoon, the heath-care provider had one of its media representatives send out the following statement from what appeared to be a personal Gmail account:
"As Scripps Health continues to address the cyberattack from this past weekend, our facilities remain open for patient care, including our hospitals, emergency departments, urgent care centers, Scripps HealthExpress locations and other outpatient facilities. Our technical teams and vendor partners are working tirelessly to resolve issues related to the cyberattack as quickly as possible."
Scripps also said the cyberattack had prompted some patients to reschedule appointments and would be contacting them to do so. It's not clear how that contact would be made, since it appeared Scripps' email servers were affected by the outage. Patients who had appointments in "the next several days" can call 800-SCRIPPS for more information. Scripps.org was still down on Monday.
The health care system's representatives said on Sunday that they suspended access to patient portals and other "technology applications related to our operations at our health care facilities," but stressed that patient care continues using "established back-up processes, including offline documentation methods."
Some appointments were canceled on Sunday and Monday as a result of the breach.
Government Response to Scripps Cyberattack
The San Diego County Office of Emergency Services (OES) said on Sunday that ambulances were being diverted from Scripps' facilities to other hospitals in the area but that it was a precautionary measure. On Monday, an employee with AMR, the city's ambulance provider, said Scripps was only taking trauma transports and foot traffic at that time. All other ambulance traffic to Scripps medical centers was being diverted to other facilities.
Local law enforcement and "the appropriate government organizations" were notified of the cyberattack, Scripps Health said.
OES officials said Sunday that its cybersecurity professionals were investigating the cyberattack.
Anne Cutler of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency was asked for a comment regarding the situation. She referred NBC 7 back to Scripps for a comment.